Control system cooperating with a mobile device and a management server

ABSTRACT

A control system includes a control device, a controller, a plurality of user mobile devices, a manager mobile device, and a manager server. An initial first identification information of each user mobile device obtained by the manager mobile device is sent to the manager server, is authenticated, and is encoded. Every time a user mobile device is connected to the controller for opening the control device, a holder of the user mobile device is requested to input an instant first identification information. After decoding by a decoding key, the controller identifies whether the instant first identification information is identical to the authenticated initial first identification information. The identification result is used to decide whether the control device should be set to be an open state.

BACKGROUND

The present invention relates to a control system cooperating with amobile device and, more particularly, to a control system using theInternet, a mobile communication network (such as 3G or 4G mobilecommunication network), or a local area network to permit communicationbetween a mobile device (such as a cell phone or a tablet) with anaccess control device, thereby permitting use of the mobile device tocontrol unlocking of the access control device.

Conventional mechanical locks have been well developed, and metal keysare generally required to open most types of the mechanical locks, suchthat many people have to carry various keys for different locks and haveto remember the corresponding lock of each key, which is inconvenient tocarriage and use. With the progress of technology, conventionalmechanical locks have been gradually developed to include motors ormagnetically driven devices to activate the components of the lockswhile cooperating electrical identity identification processes tocontrol locking or unlocking of the locks.

One type of the most commonly used electric locks uses radio frequencyidentification (RFID) technology to identify the identity of the user.Specifically, when the user carrying an induction card is near theelectric lock, the electric lock reads an identification number storedin the induction card and compares the identification number of theinduction card with a list of authorized identification numbers storedin the electric lock. If the identification number of the induction cardmatches with any one of the authorized identification numbers, theelectric lock is unlocked. On the other hand, if the identificationnumber of the induction card does not match with any one of theauthorized identification numbers, the electric lock remains locked. Itis obvious that the electric lock remains locked if the user is withoutan induction card. However, the electric lock cannot identify the holderof the induction card; namely, if the induction card is lost, anyonefinding the induction card can use it to access the electric lock.

BRIEF SUMMARY

This need and other problems in the field of preventing unauthorizedaccess are solved by providing a control system including a controldevice controllable to be in an open state or a locked state.

A control system according to the present invention includes a controldevice controllable to be in an open state or a locked state. Acontroller includes a control module electrically connected to thecontrol device, a first memory electrically connected to the controlmodule, and a wireless transmission device electrically connected to thecontrol module. The control module controls the control device to be inthe open state or the locked state, and with a decoding key stored inthe first memory. A plurality of user mobile devices is provided. Anaccess program is installed in each of the plurality of user mobiledevices. Each of the plurality of user mobile devices includes a firstprocessor, a second memory electrically connected to the firstprocessor, and a first wireless transmission module electricallyconnected to the first processor. Each of the plurality of user mobiledevices further includes a first input device. The first input device isconfigured for electrical connection with the wireless transmissiondevice. A management program is installed in a manager mobile device.The manager mobile device includes a second processor and a secondwireless transmission module electrically connected to the secondprocessor. The second wireless transmission module is configured topermit connection with the wireless transmission device and configuredto permit connection with each of the first wireless transmissionmodules. A manager server is electrically connected to the wirelesstransmission module of the controller. The management server can beconnected to each of the plurality of user mobile devices via the firstwireless transmission module of each of the plurality of the user mobiledevices. The management server can be connected to the manager mobiledevice via the second wireless transmission module to grant authority ofthe manager mobile device to log in and operate the management server.

When each of the plurality of user mobile devices executes the accessprogram for the first time, each of the plurality of user mobile devicesrequests a holder thereof to use the first input device to input aninitial first identification information, permits connection to themanage server via the first wireless transmission module, and permitsthe first wireless transmission module to be connected to the wirelesstransmission device or the second wireless transmission module.

When the manager mobile device is executing the management program, themanager mobile device is permitted to log in the management server.

When the manager mobile device is executing the management program andis located outside of a communication range of the management server,the manager mobile device is not permitted to log in the managementserver.

When the manager mobile device is executing the access program and whenany one of the plurality of user mobile devices is executing the accessprogram, the first wireless transmission module of any one of theplurality of user mobile devices is permitted to connect with the secondwireless transmission module.

When the manager mobile device is executing the access program and whenany one of the plurality of user mobile devices executing the accessprogram and is located outside of a communication range of the secondwireless transmission module, the first wireless transmission module ofany one of the plurality of user mobile devices is not connected to thesecond wireless transmission module.

When the first wireless transmission module of any one of the pluralityof user mobile devices is connected with the second wirelesstransmission module and when the manager mobile device has logged in themanagement server, the manager mobile device sends the initial firstidentification information of the connected user mobile device to themanagement server, the management server executes an authenticationprocedure to generate authenticated initial first identificationinformation, the management server uses the encoding key to encode theauthenticated initial first identification information as first encodedinformation, and the first encoded information is stored in managementserver.

When the first wireless transmission module of each of the plurality ofuser mobile devices is not in connection with the second wirelesstransmission module, the manager mobile device is not permitted toobtain the initial first identification information of each of theplurality of user mobile devices.

When the first wireless transmission module of any one of the pluralityof user mobile devices is in connection with the management server, themanagement server identifies an identity of the connected user mobiledevice.

When the management server successfully identifies the identity of theconnected user mobile device, the management server is permitted to sendthe first encoded information related to the connected user mobiledevice to temporarily store the first encoded information in theconnected user mobile device.

When the management server fails to identify the identity of theconnected user mobile device, the management server is not permitted tosend the first encoded information related to the connected user mobiledevice to the connected user mobile device.

When the first wireless transmission module of each of the plurality ofuser mobile devices is not in connection with the management server, themanagement server does not send the first encoded information related tothe connected user mobile device to the connected user mobile device.

Every time the first wireless transmission module of any one of theplurality of user mobile devices is in connection with the wirelesstransmission device, the access program of the connected user mobiledevice requests the holder of the connected user mobile device to usethe first input device to input an instant first identificationinformation, and the controller obtains the first encoded informationand the instant first identification information of the connected usermobile device.

When none of the first wireless transmission modules of the plurality ofuser mobile devices are in connection with the wireless transmissiondevice, the controller is not permitted to obtain the first encodedinformation and the instant first identification information of each ofthe plurality of user mobile devices.

After the controller has obtained the first encoded information of theconnected user mobile device, the first encoded information is deletedfrom the connected user mobile device.

The controller is permitted to use the decoding key to decode the firstencoded information, obtaining the authenticated initial firstidentification information contained in the first encoded information.

When the control module identifies that the authenticated initial firstidentification information of the connected user mobile device isidentical to the instant first identification information, the controlmodule sets the control device to be in the open state.

When the control module identifies that the authenticated initial firstidentification information of the connected user mobile device is notidentical to the instant first identification information, the controlmodule sets the control device to be in the locked state. When thecontrol device is set to be in the open state, the controller transmitsdoor opening information to the management server, and the door openinginformation is stored in the management server.

When the manager mobile device logs in the management server, themanager mobile device is permitted to select at least one first encodedinformation and to delete or change the selected at least one firstencoded information.

The controller can further include a time module electrically connectedto the control module. The time module can provide a date and a time.The manager mobile device uses the encoding key to encode theauthenticated initial first identification information, an accesspermission start time, and an access permission end time as the firstencoded information. After the controller has obtained the first encodedinformation of the connected user mobile device and the instant firstidentification information, the decoding key is used to decode the firstencoded information to obtain the authenticated initial firstidentification information, the access permission start time, and theaccess permission end time contained in the first encoded information.When the control module identifies that the authenticated initial firstidentification information of the connected user mobile device isidentical to the instant first identification information and identifiesthat the time of the time module is between the access permission starttime and the access permission end time, the control module sets thecontrol device to be in the open state. When the control moduleidentifies that the authenticated initial first identificationinformation of the connected user mobile device is not identical to theinstant first identification information or identifies that the time ofthe time module is not between the access permission start time and theaccess permission end time, the control module sets the control deviceto be in the locked state.

Each of the plurality of user mobile devices can have a first hardwareidentification number, and the first hardware identification numbers ofthe plurality of user mobile devices are different from each other. Whenthe first wireless transmission module of any one of the plurality ofuser mobile devices is in connection with the second wirelesstransmission module, the manager mobile device is permitted to obtainthe first hardware identification number and the initial firstidentification information of the connected user mobile device, themanagement server executes the authentication procedure to generate anauthenticated first hardware identification number and authenticatedinitial first identification information based on the first hardwareidentification number and the initial first identification information,and the encoding key is used to encode the authenticated first hardwareidentification number and the authenticated initial first identificationinformation as the first encoded information. When none of the firstwireless transmission modules of the plurality of user mobile devicesare in communication with the second wireless transmission module, themanager mobile device is not permitted to obtain the initial firstidentification information and the first hardware identification numberof each of the plurality of user mobile devices. When the first wirelesstransmission module of any one of the plurality of user mobile devicesis in communication with the wireless transmission device, the controlmodule is permitted to obtain an instant first hardware identificationnumber of the connected user mobile device. When none of the firstwireless transmission modules of the plurality of user mobile devicesare in communication with the wireless transmission device, the controlmodule is not permitted to obtain the instant first hardwareidentification number of each of the plurality of user mobile devices.When the control module identifies that the authenticated initial firstidentification information of the connected user mobile device isidentical to the instant first identification information and identifiesthat the authenticated first hardware identification number of theconnected user mobile device is identical to the instant first hardwareidentification number, the control module sets the control device to bein the open state. When the control module identifies that theauthenticated initial first identification information of the connecteduser mobile device is not identical to the instant first identificationinformation or identifies that the authenticated first hardwareidentification number of the connected user mobile device is notidentical to the instant first hardware identification number, thecontrol module sets the control device to be in the locked state.

The manager mobile device can include a second hardware identificationnumber and a second input device electrically connected to the secondprocessor. When the manager mobile device executes the managementprogram for the first time, a manager using the manager mobile device isrequested to use the second input device to input an initial secondhardware identification number, the management server executes anauthentication procedure to generate authenticated initial secondidentification information and an authenticated second hardwareidentification number based on the initial second identificationinformation and the second hardware identification number, themanagement server uses the decoding key to encode the authenticatedinitial second identification information and the authenticated secondhardware identification number as second encoded information, and thesecond encoded information is stored in the management server. When thesecond wireless transmission module of the manager mobile device inconnection with the management server, the management server ispermitted to transmit the second encoded information to the managermobile device and to temporarily store the second encoded information inthe manager mobile device. When the second wireless transmission moduleof the manager mobile device is not in connection with the managementserver, the management server is not permitted to transmit the secondencoded information to the manager mobile device. Every time the secondwireless transmission module of the manager mobile device is connectedto the wireless transmission device of the controller and the managementserver, the manager program of the manager mobile device requests aholder of the manager mobile device to use the second input device toinput an instant second identification information and picks up aninstant second hardware identification number of the connected managermobile device, and the controller is permitted to obtain the secondencoded information, the instant second hardware identification number,and the instant second identification information. After the controllerhas obtained the second encoded information, the second hardwareidentification number, and the second identification information of themanager mobile device, the decoding key is used to decode the secondencoded information to obtain the authenticated second hardwareidentification number and the authenticated initial secondidentification information contained in the second encoded information.After the controller has obtained the second encoded information of themanager mobile device, the second encoded information is deleted fromthe manager mobile device. When the control module identifies that theauthenticated second hardware identification number of the managermobile device is identical to the instant second hardware identificationnumber and identifies that the authenticated initial secondidentification information is identical to the instant secondidentification information of the manager mobile device, the controlmodule sets the control device to be in the open state. When the controlmodule identifies that the authenticated second hardware identificationnumber of the manager mobile device is not identical to the instantsecond hardware identification number or identifies that theauthenticated initial second identification information is not identicalto the instant second identification information of the manager mobiledevice, the control module sets the control device to be in the lockedstate.

In an example, each first input device is an image pick-up device. Theholder of a respective one of the plurality of user mobile devices isrequested to use the first input device to pick up a facial image of theholder of the respective one of the plurality of user mobile devices,and characteristics of the facial image of the holder of the respectiveone of the plurality of user mobile devices are encoded to be used asthe initial first identification information or the instant firstidentification information. The second input device is an image pick-updevice. The holder of the manager mobile device is requested to use thesecond input device to pick up a facial image of the holder of themanager mobile device, and characteristics of the facial image of theholder of the manager mobile device are encoded to be used as theinitial second identification information or the instant secondidentification information.

In another example, each first input device is a microphone. The holderof a respective one of the plurality of user mobile devices is requestedto use the first input device to pick up a voice of the holder of therespective one of the plurality of user mobile devices, and the voice ofthe holder of the respective one of the plurality of user mobile devicesis edited as a vocal print which is used as the initial firstidentification information or the instant first identificationinformation. The second input device is a microphone. The holder of themanager mobile device is requested to use the second input device topick up a voice of the holder of the manager mobile device, and thevoice of the holder of the manager mobile device is edited as a vocalprint which is used as the initial second identification information orthe instant second identification information.

In a further example, each first input device is a fingerprint inputdevice. The holder of a respective one of the plurality of user mobiledevices is requested to use the first input device to pick up afingerprint of the holder of the respective one of the plurality of usermobile devices, and characteristics of the fingerprint are encoded to beused as the initial first identification information or the instantfirst identification information. The second input device is afingerprint input device. The holder of the manager mobile device isrequested to use the second input device to pick up a fingerprint of theholder of the manager mobile device, and characteristics of thefingerprint are encoded to be used as the initial second identificationinformation or the instant second identification information.

In still another example, each first input device is a finger veinrecognition device. The holder of a respective one of the plurality ofuser mobile devices is requested to use the first input device to pickup a finger vein image of the holder of the respective one of theplurality of user mobile devices, and characteristics of the finger veinimage of the holder of the respective one of the plurality of usermobile devices are encoded to be used as the initial firstidentification information or the instant first identificationinformation. The second input device is a finger vein recognitiondevice. The holder of the manager mobile device is requested to use thesecond input device to pick up a finger vein image of the holder of themanager mobile device, and characteristics of the finger vein image ofthe holder of the manager mobile device are encoded to be used as theinitial second identification information or the instant secondidentification information.

In yet another example, each first input device is an iris recognitiondevice. The holder of a respective one of the plurality of user mobiledevices is requested to use the first input device to pick up the irisimage of the holder of the respective one of the plurality of usermobile devices, and characteristics of the iris image of the holder ofthe respective one of the plurality of user mobile devices are encodedto be used as the initial first identification information or theinstant first identification information. The second input device is aniris recognition device. The holder of the manager mobile device isrequested to use the second input device to pick up the iris image ofthe holder of the manager mobile device, and characteristics of the irisimage of the holder of the manager mobile device are encoded to be usedas the initial second identification information or the instant secondidentification information.

In still another example, each first input device includes a touchscreen. The holder of the user mobile device is requested to use thetouch screen of the first input device to input a pin number or aspecific FIGURE of the holder of the user mobile device. The pin numberor the specific FIGURE of the holder of the user mobile device is usedas the initial first identification information or the instant firstidentification information. The second input device is a touch screen,the holder of the manager mobile device is requested to use the touchscreen of the second input device to input a pin number or a specificFIGURE of the holder of the manager mobile device, and the pin number orthe specific FIGURE of the holder of the manager mobile device is usedas the initial second identification information or the instant secondidentification information.

The control device can be a door lock adapted to be mounted to a door.The door lock includes a locking mechanism electrically connected to thecontrol module and a latch operably connected to the locking mechanism.The control module can be controlled to be in a locking state or anunlocking state. The latch is movable between a latching position and anunlatching position. When the control module identifies that theauthenticated initial first identification information of the connecteduser mobile device is identical to the instant first identificationinformation, the control module controls the locking mechanism to be inthe unlocking state permitting the latch to move from the latchingposition to the unlatching position, and the door lock is in an openstate. When the control module identifies that the authenticated initialfirst identification information of the connected user mobile device isnot identical to the instant first identification information, thecontrol module controls the locking mechanism to be in the locking statenot permitting the latch to move from the latching position to theunlatching position, and the door lock is in a locked state.

Illustrative embodiments will become clearer in light of the followingdetailed description described in connection with the drawing.

DESCRIPTION OF THE DRAWING

The FIGURE is a diagrammatic block diagram of a control system accordingto the present invention.

DETAILED DESCRIPTION

With reference to the FIGURE, a control system 10 includes a controldevice 20. Control system 10 has a wide range of applications. Forexample, in a case that control system 10 is used for controlling accessto a door or a passage, control device 20 can be a door lock, or anelectric door (such as an electric glass door or an electric rollershutter in a bazaar) and a driving device of the electric door, or agate of a parking lot, Mass Rapid Transit, or a platform of a trainstation. In another case that control system 10 is used in preventingtheft of articles, control device 20 can be a lock mounted on thearticle, such as a lock for a safe, a bicycle, an automobile, or amotorcycle. Control system 10 will now be set forth by way of example ofcontrolling access to a door.

According to the form shown, control system 10 further includes acontroller 32, a plurality of user mobile devices 44, and a managermobile device 54. Each user mobile device 44 and manager mobile device54 can be connected to controller 32.

Control device 20 includes a door lock mounted to a door. Control device20 can include a locking mechanism 30, an unlatching mechanism 22operably connected to locking mechanism 30, a latch 24 operablyconnected to unlatching mechanism 22, and first and second handles 26and 28 operably connected to unlatching mechanism 22. Latch 24 ismovable between a latching position outside of the door and anunlatching position retracted into the door. When locking mechanism 30is controlled to be in a locking state, latch 24 is prohibited frommoving from the latching position to the unlatching position. In thiscase, control device 20 is set to be in the locked state. On the otherhand, when locking mechanism 30 is controlled to be in an unlockingstate, latch 24 is permitted to move from the latching position to theunlatching position. In this case, control device 20 is set to be in anopen state.

Controller 32 includes a control module 34 electrically connected tolocking mechanism 30. A first memory 38 is electrically connected tocontrol module 34. A decoding key is stored in first memory 38.Controller 32 further includes a wireless transmission device 42electrically connected to control module 34 and a time module 40electrically connected to control module 34. Time module 40 can be usedto calculate the date and time and can be set to be identical to thelocal time. Thus, control module 34 can read the date and time from timemodule 40. Furthermore, a power supply unit 36 is electrically connectedto control module 34 to provide control module 34 with electricityrequired for operation and to provide electricity to first memory 38,time module 40, and wireless transmission device 42 through controlmodule 34

Each user mobile device 44 can be a cell phone, a wearable device (suchas smartglasses or a smartwatch), a tablet, or a notebook. Each usermobile device 44 includes a first processor 46, a second memory 48electrically connected to first processor 46, a first wirelesstransmission module 50 electrically connected to first processor 46, anda first input device 52 electrically connected to first processor 46.Furthermore, each user mobile device 44 includes a first hardwareidentification number, such as an international mobile equipmentidentity (IMEI). The first hardware identification numbers of the usermobile devices 44 are different from one another. An access program isdownloaded to and installed in each user mobile device 44. Execution ofthe access program permits each user mobile device 44 to be connected towireless transmission device 42 via first wireless transmission module50 and controller 32.

Furthermore, first input device 52 of each user mobile device 44 can bean image pick-up device, a microphone, a fingerprint input device, afinger vein recognition device, an iris recognition device, a touchscreen, or a combination thereof. Execution of the access programpermits use of first input device 52 to input a first identificationinformation. In a case that first input device 52 is an image pick-updevice, a holder of user mobile device 44 will be requested to use theimage pick-up device to pick up the facial image of the holder of usermobile device 44, and the characteristics of the facial image of theholder of user mobile device 44 are encoded to be used as the firstidentification information. In another case that first input device 52is a microphone, the holder of user mobile device 44 will be requestedto use the microphone to pick up the voice of the holder of user mobiledevice 44, and the voice of the holder of user mobile device 44 isedited as a vocal print which is used as the first identificationinformation. In a further case that first input device 52 is afingerprint input device, the holder of user mobile device 44 will berequested to use the fingerprint input device to pick up the fingerprintof the holder of user mobile device 44, and the characteristics of thefingerprint are encoded to be used as the first identificationinformation. In still another case that first input device 52 is afinger vein recognition device, the holder of user mobile device 44 willbe requested to use the finger vein recognition device to pick up thefinger vein image of the holder of user mobile device 44, and thecharacteristics of the finger vein image of the holder of user mobiledevice 44 are encoded to be used as the first identificationinformation. In yet another example that first input device 52 is aniris recognition device, the holder of user mobile device 44 will berequested to use the iris recognition device to pick up the iris imageof the holder of user mobile device 44, and the characteristics of theiris image of the holder of user mobile device 44 are encoded to be usedas the first identification number. In still another example that firstinput device 52 is a touch screen, the holder of user mobile device 44will be requested to use the touch screen to input the pin number or thespecific FIGURE of the holder of user mobile device 44, and the pinnumber or the specific FIGURE of the holder of user mobile device 44 isused as the first identification number.

Manager mobile device 54 can be a cell phone, a wearable device (such assmartglasses or a smartwatch), a tablet, or a notebook. Manager mobiledevice 54 includes a second processor 56, a second wireless transmissionmodule 60 electrically connected to second processor 56, and a secondinput device 62 electrically connected to second processor 56. Amanagement program is downloaded into and installed in manager mobiledevice 54. Execution of the management program permits manager mobiledevice 54 to connect with wireless transmission device 42 of controller32 via second wireless transmission module 60. Furthermore, managermobile device 54 has a unique second hardware identification number,such as an international mobile equipment identity (IMEI).

Furthermore, second input device 62 of manager mobile device 54 can bean image pick-up device, a microphone, a fingerprint input device, afinger vein recognition device, an iris recognition device, a touchscreen, or a combination thereof. Execution of the access programpermits use of second input device 62 to input a second identificationinformation. In a case that second input device 62 is an image pick-updevice, a holder of manager mobile device 54 will be requested to usethe image pick-up device to pick up the facial image of the holder ofmanager mobile device 54, and the characteristics of the facial imageare encoded to be used as the second identification information. Inanother case that second input device 62 is a microphone, the holder ofmanager mobile device 54 will be requested to use the microphone to pickup the voice of the holder of manager mobile device 54, and the voice ofthe holder of manager mobile device 54 is edited as a vocal print whichis used as the second identification information. In a further case thatsecond input device 62 is a fingerprint input device, the holder ofmanager mobile device 54 will be requested to use the fingerprint inputdevice to pick up the fingerprint of the holder of manager mobile device54, and the characteristics of the fingerprint of the holder of managermobile device 54 are encoded to be used as the second identificationinformation. In still another case that second input device 62 is afinger vein recognition device, the holder of manager mobile device 54will be requested to use the finger vein recognition device to pick upthe finger vein image of the holder of manager mobile device 54, and thecharacteristics of the finger vein image of the holder of manager mobiledevice 54 are encoded to be used as the second identificationinformation. In yet another example that second input device 62 is aniris recognition device, the holder of manager mobile device 54 will berequested to use the iris recognition device to pick up the iris imageof the holder of manager mobile device 54, and the characteristics ofthe iris image of the holder of manager mobile device 54 are encoded tobe used as the second identification number. In still another examplethat second input device 62 is a touch screen, the holder of managermobile device 54 will be requested to use the touch screen to input thepin number or the specific FIGURE of the holder of manager mobile device54, and the pin number or the specific FIGURE of the holder of managermobile device 54 is used as the second identification number.

Control system 10 further includes a management server 64 having astorage device with an encoding key. When the access program of any usermobile device 44 is executed, the user mobile device 44 can use firstwireless transmission module 50 to directly connect with managementserver 64 or can use first wireless transmission module 50 to connectwith management server 64 via the Internet, a mobile communicationnetwork, or a local area network. When the management program isexecuted, manager mobile device 54 can use second wireless transmissionmodule 60 to connect with management server 64 via the Internet, themobile communication network, or the local area network.

Now that the basic construction of control system 10 has been explained,the operation and some of the advantages of control system 10 can be setforth and appreciated. In particular, for the sake of explanation, itwill be assumed that control system 10 is used for the first time.Locking mechanism 30 is preset in the locking state. Latch 24 is in thelatching position and cannot be moved to the unlatching position. Thus,control device 20 is set to be in the locked state. Furthermore, it willbe assumed that first and second input devices 52 and 62 are imagepick-up devices.

In the first use, each user mobile device 44 executes the access programfor the first time, and the execution program requests the holder ofuser mobile device 44 to use first input device 52 to input the facialimage of the holder of user mobile device 44, and the characteristics ofthe facial image of the holder of user mobile device 44 are encoded tobe used as an initial first identification information.

When manager mobile device 54 executes the management program for thefirst time, manager mobile device 54 uses the management program toconnect with management server 64 via second wireless transmissionmodule 60. After connection, the account number and the pin number canbe inputted to log in management server 64 to obtain the managementauthority. Furthermore, when the management program is executed for thefirst time, the management program requests the holder of manager mobiledevice 54 to use second input device 62 to pick up the facial image ofthe holder of manager mobile device 54, and the characteristics of thefacial image are encoded to form an initial second identificationinformation. Furthermore, when the management program is executed forthe first time, manager mobile device 54 will pick up an initial secondhardware identification number (e.g., the IMEI of manager mobile device54) for authentication purposes.

Manager mobile device 54 can use management server 64 to grant theaccess authority to each user mobile device 44. Specifically, whenmanager mobile device 54 is executing the management program and whenany user mobile device 44 is executing the access program, if the usermobile device 44 is within the communication range of second wirelesstransmission module 60 of manager mobile device 54, manager mobiledevice 54 and the user mobile device 44 can be connected with each othervia first wireless transmission module 50 and second wirelesstransmission module 60.

Note that each user mobile device 44 and manager mobile device 54 arenot limited to direct, mutual connection. Namely, if each user mobiledevice 44 is using the Internet, a mobile communication network (such as3G or 4G mobile communication network), or a local area network, managermobile device 54 can be connected to the Internet, the mobilecommunication network, or the local area network, such that each usermobile device 44 and manager mobile device 54 can be connected with eachother via the Internet, the mobile communication network, or the localarea network even if each user mobile device 44 is not within thecommunication range of second wireless transmission module 60.

On the other hand, if none of user mobile devices 44 are within thecommunication range of second wireless transverse module 60 of managermobile device 54, nor any user mobile device 44 is using the Internet,the mobile communication network, or the local area network, managermobile device 54 cannot be connected to any user mobile device 44 viafirst wireless transmission module 50 and second wireless transmissionmodule 60, regardless of execution of the access program and themanagement program.

A user mobile device 44 connected to manager mobile device 54 permitsthe initial first identification information and the first hardwareidentification number to be sent to manager mobile device 54 together.Note that after the user mobile device 44 has transmitted the initialfirst identification information to manager mobile device 54, theinitial first identification information is deleted from the user mobiledevice 44. Manager mobile device 54 logs in management server 64 andsends the initial identification information and the first hardwareidentification number obtain from the user mobile device 44 tomanagement server 64 for authentication, generating authenticatedinitial first identification information and an authenticated firsthardware identification number. Management server 64 uses the encodingkey to encode the authenticated initial first identification informationand the authenticated first hardware identification number together asfirst encoded information, and the first encoded information is storedin the storage device of management server 64. The first encodedinformation has no expiration date (time-unlimited access authority). Ifit is desired to set an expiration date (time-limited access authority)for the first encoded information, the encoding key can be used toencode the initial first identification information, the first hardwareidentification number, an access permission start time, and an accesspermission end time together as the first encoded information, and thefirst encoded information is stored in the storage device of managementserver 64 and is only valid between the access permission start time andthe access permission end time. Thus, the user mobile device 44connected to manager mobile device 54 is granted with the accessauthority. The access permission start time and the access permissionend time can include the date and time (year, month, date, hour, andminute). Manager mobile device 54 is operated repeatedly to grantauthority to each user mobile device 44.

Manager mobile device 54 can grant the access authority to itself.Specifically, after manager mobile device 54 has logged in managementserver 64, the management program sends the initial secondidentification information and the second hardware identification numberof manager mobile device 54 back to management server 64, and managementserver 64 executes an authentication procedure to generate authenticatedinitial second identification information and an authenticated secondhardware identification number based on the initial secondidentification information and the second hardware identificationnumber. Management server 64 uses the encoding key to encode theauthenticated initial second identification information and theauthenticated second hardware identification number as second encodedinformation, and the second encoded information is stored in the storagedevice of management server 64. Thus, manager mobile device 54 isgranted with the access authority.

When it is desired to use a user mobile device 44 granted with theaccess authority to access the door, the user mobile device 44 executesthe access program and is connected to management server 64. The usermobile device 44 is placed within the communication range of wirelesstransmission device 42 of controller 32. Management server 64 identifiesthe identity of the connected user mobile device 44 (such as using thefirst hardware identification number of the user mobile device 44).Furthermore, management server 64 transmits the first encodedinformation related to the user mobile device 44 to the connected usermobile device 44, and the first encoded information is temporarilystored in the connected user mobile device 44. Then, the access programwill request the holder of the user mobile device 44 to use first inputdevice 52 to pick up the facial image of the holder of the user mobiledevice 44 again. The facial image of the holder of the user mobiledevice 44 is used to generate an instant first identificationinformation. Then, the user mobile device 44 connected to controller 32transmits the first encoded information, the instant firstidentification information, and the instant first hardwareidentification number to controller 32. Namely, every time each usermobile device 44 is connected to controller 32 and management server 64,each user mobile device 44 will request its holder to input the facialimage of its holder, and the access program will automatically pick upthe first hardware identification number (i.e., the instant firsthardware identification number) of each user mobile device 44 connectedto controller 32 and management server 64. Please note that after a usermobile device 44 transmits the first encoded information to controller32, the first encoded information is deleted from the user mobile device44.

After controller 32 has received the first encoded information, theinstant first identification information, and the instant first hardwareidentification number, the decoding key is used to decode the firstencoded information. Thus, controller 32 obtains the authenticatedinitial first identification information and the authenticated firsthardware identification number (time-unlimited access authority)contained in the first encoded information. Alternatively, controller 32obtains the authenticated initial first identification information, theauthenticated first hardware identification number, the accesspermission start time, and the access permission end time(time-unlimited access authority) contained in the first encodedinformation. Next, control module 34 of controller 32 identifies whetherthe authenticated initial first identification information is identicalto the instant first identification information and identifies whetherthe authenticated first hardware identification number is identical tothe instant first hardware identification number.

In a case that the first encoded information does not include the accesspermission start time and the access permission end time, aftercomparison by control module 34, if the authenticated initial firstidentification information is not identical to the instant firstidentification information or the authenticated first hardware number isnot identical to the instant first hardware identification number,locking mechanism 30 remains in the locking state to prohibit latch 24from moving from the latching position to the unlatching position. Thus,control device 20 is set to be in the locked state, and the door cannotbe opened. Furthermore, controller 32 transmits information related tofailure in opening the door and related message (such as the instantfirst hardware identification number and the instant identificationinformation of the user mobile device 44 trying to open the door and thetime trying to open the door) back to management server 64, andmanagement server 64 stores this information related to the failure inopening the door. On the other hand, if the authenticated initial firstidentification information is identical to the instant firstidentification information, and the authenticated first hardwareidentification number is identical to the instant first hardwareidentification number, control module 34 of controller 32 controlslocking mechanism 30 to be in the unlocking state permitting latch 24 tomove from the latching position to the unlatching position. Thus,control device 20 is set to be in the open state, and first handle 26 orsecond handle 28 can be pivoted to drive unlatching mechanism 22 to movelatch 24 from the latching position to the unlatching position, therebyopening the door. Furthermore, controller 32 transmits informationrelated to success in opening the door and related message (such as theinstant first hardware identification number and the instantidentification information of the user mobile device 44 thatsuccessfully opens the door and the time the door is opened) back tomanagement server 64, and management server 64 stores this informationrelated to the successful opening of the door.

In another case that the first encoded information includes the accesspermission start time and the access permission end time, aftercomparison by control module 34, if the authenticated initial firstidentification information is not identical to the instant firstidentification information or the authenticated first hardwareidentification number is not identical to the instant first hardwareidentification number, locking mechanism 30 remains in the locking stateto prohibit latch 24 from moving from the latching position to theunlatching position. Thus, control device 20 is set to be in the lockedstate, and the door cannot be opened. Furthermore, controller 32transmits information related to failure in opening the door and relatedmessage (such as the instant first hardware identification number andthe instant identification information of the user mobile device 44trying to open the door and the time trying to open the door) back tomanagement server 64, and management server 64 stores this informationrelated to the failure in opening the door.

In the case that the first encoded information includes the accesspermission start time and the access permission end time, aftercomparison by control module 34, if the authenticated initial firstidentification number is identical to the instant first identificationinformation, and the authenticated first hardware identification numberis identical to the instant first hardware identification number, butthe connection time between controller 32 and the user mobile device 44is not between the access permission start time and the accesspermission end time, locking mechanism 30 remains in the locking stateto prohibit latch 24 from moving from the latching position to theunlatching position. Thus, control device 20 is set to be in the lockedstate, and the door cannot be opened. Furthermore, controller 32transmits information related to failure in opening the door and relatedmessage (such as the instant first hardware identification number andthe instant identification information of the user mobile device 44trying to open the door and the time trying to open the door) back tomanagement server 64, and management server 64 stores this informationrelated to the failure in opening the door.

In the case that the first encoded information includes the accesspermission start time and the access permission end time, aftercomparison by control module 34, if the authenticated initial firstidentification number information is identical to the instant firstidentification information, the authenticated first hardwareidentification number is identical to the instant first hardwareidentification number, and the connection time between controller 32 andthe user mobile device 44 is between the access permission start timeand the access permission end time, control module 34 of controller 32controls locking mechanism 30 to be in the unlocking state permittinglatch 24 to move from the latching position to the unlatching position.Thus, control device 20 is set to be in the open state, and first handle26 or second handle 28 can be pivoted to drive unlatching mechanism 22to move latch 24 from the latching position to the unlatching position,thereby opening the door. Furthermore, controller 32 transmitsinformation related to success in opening the door and related message(such as the instant first hardware identification number and theinstant identification information of the user mobile device 44 thatsuccessfully opens the door and the time the door is opened) back tomanagement server 64, and management server 64 stores this informationrelated to the successful opening of the door.

After the user mobile device 44 has been connected to management server64, if management server 64 cannot identify the user mobile device 44,or the identification fails, or there is no corresponding first encodedinformation of the connected user mobile device 44, management server 64will not transmit any first encoded information or any second encodedinformation to the connected user mobile device 44, such that theconnected user mobile device 44 cannot be used to control the controldevice 20 to be in the open state.

If it is desired to use manager mobile device 54 to open the door,manager mobile device 54 executes the management program, is connectedto management server 64, and is placed within the communication range ofwireless transmission device 42 of controller 32. Management server 64identifies the identity of manager mobile device 54 (such as using thesecond hardware identification number of manager mobile device 54).Furthermore, management server 64 transmits the second encodedinformation related to manager mobile device 54 to the connected managermobile device 54. Thus, the management program requests the holder ofmanager mobile device 54 to reuse second input device 62 to pick up thefacial image of the holder of manager mobile device 54 for generating aninstant second identification information. Then, manager mobile device54 connected to controller 32 transmits the second encoded information,the instant second identification information, and an instant secondhardware identification number to controller 32. Namely, every timemanager mobile device 54 is connected to controller 32 and managementserver 64, manager mobile device 54 will request the holder to input thefacial image of the holder of manager mobile device 54 connected tocontroller 32 and management server 64, and the management program willautomatically pick up the second hardware identification number (i.e.,the instant second hardware identification number) of manager mobiledevice 54 connected to controller 32.

After controller 32 has received the second encoded information, theinstant second identification information, and the instant secondhardware identification number, the decoding key is used to decode thesecond encoded information. Thus, controller 32 obtains theauthenticated initial second identification information and theauthenticated second hardware identification number contained in thesecond encoded information. Next, control module 34 of controller 32identifies whether the authenticated initial second identificationinformation is identical to the instant second identificationinformation and identifies whether the authenticated second hardwarenumber is identical to the instant second hardware identificationnumber.

After comparison by control module 34, if the authenticated initialsecond identification information is not identical to the instant secondidentification information or the authenticated second hardwareidentification number is not identical to the instant second hardwareidentification number, locking mechanism 30 remains in the locking stateto prohibit latch 24 from moving from the latching position to theunlatching position. Thus, control device 20 is set to be in the lockedstate, and the door cannot be opened. Furthermore, controller 32transmits information related to failure in opening the door and relatedmessage (such as the instant first hardware identification number andthe instant identification information of the user mobile device 44trying to open the door and the time trying to open the door) back tomanagement server 64, and management server 64 stores this informationrelated to the failure in opening the door.

On the other hand, after comparison by control module 34, if theauthenticated initial second identification information is identical tothe instant second identification information and the authenticatedsecond hardware identification number is identical to the instant secondhardware identification number, control module 34 of controller 32controls locking mechanism 30 to be in the unlocking state permittinglatch 24 to move from the latching position to the unlatching position.Thus, control device 20 is set to be in the open state, and first handle26 or second handle 28 can be pivoted to drive unlatching mechanism 22to move latch 24 from the latching position to the unlatching position,thereby opening the door. Furthermore, controller 32 transmitsinformation related to success in opening the door and related message(such as the instant first hardware identification number and theinstant identification information of the user mobile device 44 thatsuccessfully opens the door and the time the door is opened) back tomanagement server 64, and management server 64 stores this informationrelated to the successful opening of the door.

Note that every time a user mobile device 44 is connected to controller32, if the holder of the user mobile device 44 does not input theinstant first identification information, the first encoded informationwill not be transmitted to controller 32. Likewise, every time managermobile device 54 is connected to controller 32, if the holder of managermobile device 54 does not input the instant second identificationinformation, the second encoded information will not be transmitted tocontroller 32.

Any user mobile device 44 with granted access authority could be lostand be found by a person other than the original holder. If the personfinding the user mobile device 44 uses the user mobile device 44 toexecute the access program with an intention to open control device 20,the access program requests the person to use first input device 52 toinput the instant first identification information, and the firstencoded information, the instant first identification information, andthe instant first hardware identification number are transmitted tocontroller 32. Control module 34 uses the decoding key to decode thefirst encoded information. Then, control module 34 can find that theauthenticated initial first identification information is different fromthe instant first identification information. Thus, even though theauthenticated first hardware number is identical to the instant firsthardware identification number, locking mechanism 30 still remains inthe locking state to prohibit latch 24 from moving from the latchingposition to the unlatching position. Thus, control device 20 remains inthe locked state, and the door cannot be opened. Likewise, if managermobile device 54 is lost, the authenticated initial secondidentification information would be different from the instant secondidentification information to keep control device 20 in the lockedstate, avoiding opening of the door. Furthermore, controller 32transmits information related to failure in opening the door and relatedmessage (such as the instant first hardware identification number andthe instant identification information of the user mobile device 44trying to open the door and the time trying to open the door) back tomanagement server 64, and management server 64 stores this informationrelated to the failure in opening the door.

If an unauthorized person steals the first encoded information that isbeing transmitted in a state in which a user mobile device 44 isconnected to controller 32, the unauthorized person cannot know thecontent of the first encoded information without the correspondingdecoding key. Furthermore, even if the unauthorized person saves thefirst encoded information in his mobile device and installs the accessprogram to make his mobile device become a user mobile device 44, everytime the unauthorized person uses the user mobile device 44 to connectwith controller 32, the access program requests the unauthorized personto use the first input device 52 to input the instant firstidentification information, and the instant first identificationinformation will be transmitted to controller 32 together with theinstant first hardware identification number of the user mobile device44 being used by the unauthorized person. Thus, the instant firstidentification information inputted by the unauthorized person will beidentified to be different from the authenticated first identificationinformation, and the authenticated first hardware identification numberwill be identified to be different from the instant first hardwareidentification number. Thus, control device 20 remains in the lockedstate, and the door cannot be opened. Likewise, if the second encodedinformation of manager mobile device 54 is stolen, the authenticatedinitial second identification information will be identified to bedifferent from the instant second identification information, and theauthenticated second hardware identification number will be identifiedto be different from the instant hardware identification number. Thus,control device 20 remains in the locked state, and the door cannot beopened. Furthermore, controller 32 transmits information related tofailure in opening the door and related message (such as the instantfirst hardware identification number and the instant identificationinformation of the user mobile device 44 trying to open the door and thetime trying to open the door) back to management server 64, andmanagement server 64 stores this information related to the failure inopening the door.

After manager mobile device 54 has been connected to management server64, if management server 64 cannot identify manager mobile device 54, orthe identification fails, or there is no corresponding second encodedinformation of the connected manager mobile device 54, management server64 will not transmit any first encoded information or any second encodedinformation to the connected manager mobile device 54, such that theconnected manager mobile device 54 cannot be used to control the controldevice 20 to be in the open state.

After manager mobile device 54 has logged in management server 64,manager mobile device 54 is permitted to delete or change at least oneselected first encoded information. For example, after the first encodedinformation related to a user mobile device 44 of a user A has beendeleted, when the user mobile device 44 of the user A is connected tomanagement server 64, management server 64 cannot find the correspondingfirst encoded information while identifying the user mobile device 44 ofthe user A. In this case, the access authority of the user mobile device44 of the user A is cancelled, such that the user mobile device 44cannot be used to control the control device 20 to be in the open state.

Note that even if management server 64 mistakenly sends the firstencoded information or the second encoded information of a non-connecteduser mobile device 44 to the connected user mobile device 44 due tounexpected factors, controller 32 can identify that the authenticatedinitial first identification information in the first encodedinformation is different from the instant first identificationinformation, can identify that the authenticated first hardwareidentification number in the first encoded information is different fromthe instant first hardware identification number, can identify that theauthenticated initial second identification information in the secondencoded information is different from the instant second identificationinformation, and can identify that the authenticated second hardwareidentification number in the second encoded information is differentfrom the instant second hardware identification number. Similar resultoccurs if the situation happens on manager mobile device 54.

Furthermore, management server 64 can be a personal computer. In a casethat manager mobile device 54 is not used, the screen, the mouse, andthe keyboard of the personal computer can be used to input the accountnumber and the pin number to grant or cancel the access authority toeach user mobile device 44.

Control system 10 uses the authenticated initial first identificationinformation and the instant first identification information that mustbe inputted every time the user mobile device 44 is connected tocontroller 32 to avoid control device 20 from being switched to the openstate even if the user mobile device 44 is lost or the signal is pickedup by an unauthorized person, providing an excellent door access controleffect.

Furthermore, control system 10 uses the authenticated initial secondidentification information and the instant second identificationinformation that must be inputted every time manager mobile device 54 isconnected to controller 32 to avoid control device 20 from beingswitched to the open state even if manager mobile device 54 is lost orthe signal is picked up by an unauthorized person.

Manager mobile device 54 and each user mobile device 44 are connectedvia the Internet, a mobile communication network, or a local areanetwork, such that manager mobile device 54 can remotely grant theaccess authority to each user mobile device 44, effectively increasingthe management efficiency of control system 10.

Since the first encoded information corresponding to each user mobiledevice 44 is stored in the storage device of management server 64, evenif the access permission start time and the access permission end timeare not given while granting access authority to a user mobile device44, the first encoded information, when selected, can be cancelled oramended to cancel the access authority or change the access permissionduration of the user mobile device 44, which is advantageous tomanagement.

Furthermore, since the encoding key is stored in the storage device ofmanagement server 64 and since the correct account number and thecorrect pin number are required to log in management server 64, greatloss will be less likely to occur even if manager mobile device 54 islost. Furthermore, the manager can download and install the managementprogram into a new mobile device and can use the new mobile device tolog in the management server 64 by using the correct account number andthe correct pin number. Thus, the management and authority process canstill be conducted.

Furthermore, management server 64 can store every access record of theuser mobile device 44 connected to controller 32. Furthermore,management server 64 can store every instant first identificationinformation, every instant second identification information, everyinstant first hardware identification number, and every instant secondhardware identification number. When an illegal event occurs, theinstant first identification information, the instant secondidentification information, the instant first hardware identificationnumber, and the instant second hardware identification number can beused to track the suspect.

Thus since the illustrative embodiments disclosed herein may be embodiedin other specific forms without departing from the spirit or generalcharacteristics thereof, some of which forms have been indicated, theembodiments described herein are to be considered in all respectsillustrative and not restrictive. The scope is to be indicated by theappended claims, rather than by the foregoing description, and allchanges which come within the meaning and range of equivalency of theclaims are intended to be embraced therein.

The invention claimed is:
 1. A control system comprising: a controldevice controllable to be in an open state or a locked state; acontroller including a control module electrically connected to thecontrol device, a first memory electrically connected to the controlmodule, and a wireless transmission device electrically connected to thecontrol module, with the control module controlling the control deviceto be in the open state or the locked state, and with a decoding keystored in the first memory; a plurality of user mobile devices, with anaccess program installed in each of the plurality of user mobiledevices, with each of the plurality of user mobile devices including afirst processor, a second memory electrically connected to the firstprocessor, and a first wireless transmission module electricallyconnected to the first processor, with each of the plurality of usermobile devices further including a first input device, and with thefirst input device configured for electrical connection with thewireless transmission device; a manager mobile device, with a managementprogram installed in the manager mobile device, with the manager mobiledevice including a second processor and a second wireless transmissionmodule electrically connected to the second processor, and with thesecond wireless transmission module configured to permit connection withthe wireless transmission device and configured to permit connectionwith each of the first wireless transmission modules; and a managerserver electrically connected to the wireless transmission module of thecontroller, with the management server connectable to each of theplurality of user mobile devices via the first wireless transmissionmodule of each of the plurality of the user mobile devices, and with themanagement server connectable to the manager mobile device via thesecond wireless transmission module to grant authority of the managermobile device to log in and operate the management server, with each ofthe plurality of user mobile devices executing the access program for afirst time, each of the plurality of user mobile devices requests aholder thereof to use the first input device to input an initial firstidentification information, permits connection to the manage server viathe first wireless transmission module, and permits the first wirelesstransmission module to be connected to the wireless transmission deviceor the second wireless transmission module, wherein when the managermobile device is executing the management program, the manager mobiledevice is permitted to log in the management server, wherein when themanager mobile device is executing the management program and is locatedoutside of a communication range of the management server, the managermobile device is not permitted to log in the management server, with themanager mobile device executing the access program, and with any one ofthe plurality of user mobile devices executing the access program, thefirst wireless transmission module of any one of the plurality of usermobile devices is permitted to connect with the second wirelesstransmission module, with the manager mobile device executing the accessprogram, and with any one of the plurality of user mobile devicesexecuting the access program and located outside of a communicationrange of the second wireless transmission module, the first wirelesstransmission module of any one of the plurality of user mobile devicesis not connected to the second wireless transmission module, whereinwhen the first wireless transmission module of any one of the pluralityof user mobile devices is connected with the second wirelesstransmission module and when the manager mobile device has logged in themanagement server, the manager mobile device sends the initial firstidentification information of the connected user mobile device to themanagement server, the management server executes an authenticationprocedure to generate authenticated initial first identificationinformation, the management server uses the encoding key to encode theauthenticated initial first identification information as first encodedinformation, and the first encoded information is stored in managementserver, with the first wireless transmission module of each of theplurality of user mobile devices not in connection with the secondwireless transmission module, the manager mobile device is not permittedto obtain the initial first identification information of each of theplurality of user mobile devices, with the first wireless transmissionmodule of any one of the plurality of user mobile devices in connectionwith the management server, the management server identifies an identityof the connected user mobile device, wherein when the management serversuccessfully identifies the identity of the connected user mobiledevice, the management server is permitted to send the first encodedinformation related to the connected user mobile device to temporarilystore the first encoded information in the connected user mobile device,wherein when the management server fails to identify the identity of theconnected user mobile device, the management server is not permitted tosend the first encoded information related to the connected user mobiledevice to the connected user mobile device, with the first wirelesstransmission module of each of the plurality of user mobile devices notin connection with the management server, the management server does notsend the first encoded information related to the connected user mobiledevice to the connected user mobile device, with every time the firstwireless transmission module of any one of the plurality of user mobiledevices in connection with the wireless transmission device, the accessprogram of the connected user mobile device requests the holder of theconnected user mobile device to use the first input device to input aninstant first identification information, and the controller obtains thefirst encoded information and the instant first identificationinformation of the connected user mobile device, with none of the firstwireless transmission modules of the plurality of user mobile devices inconnection with the wireless transmission device, the controller is notpermitted to obtain the first encoded information and the instant firstidentification information of each of the plurality of user mobiledevices, wherein after the controller has obtained the first encodedinformation of the connected user mobile device, the first encodedinformation is deleted from the connected user mobile device, whereinthe controller is permitted to use the decoding key to decode the firstencoded information, obtaining the authenticated initial firstidentification information contained in the first encoded information,wherein when the control module identifies that the authenticatedinitial first identification information of the connected user mobiledevice is identical to the instant first identification information, thecontrol module sets the control device to be in the open state, whereinwhen the control module identifies that the authenticated initial firstidentification information of the connected user mobile device is notidentical to the instant first identification information, the controlmodule sets the control device to be in the locked state, wherein whenthe control device is set to be in the open state, the controllertransmits door opening information to the management server, and thedoor opening information is stored in the management server, and whereinwhen the manager mobile device logs in the management server, themanager mobile device is permitted to select at least one first encodedinformation and to delete or change the selected at least one firstencoded information.
 2. The control system as claimed in claim 1, withthe controller further including: a time module electrically connectedto the control module 34, with the time module providing a date and atime, wherein the manager mobile device uses the encoding key to encodethe authenticated initial first identification information, an accesspermission start time, and an access permission end time as the firstencoded information, wherein after the controller has obtained the firstencoded information of the connected user mobile device and the instantfirst identification information, the decoding key is used to decode thefirst encoded information to obtain the authenticated initial firstidentification information, the access permission start time, and theaccess permission end time contained in the first encoded information,wherein when the control module identifies that the authenticatedinitial first identification information of the connected user mobiledevice is identical to the instant first identification information andidentifies that the time of the time module is between the accesspermission start time and the access permission end time, the controlmodule sets the control device to be in the open state, and wherein whenthe control module identifies that the authenticated initial firstidentification information of the connected user mobile device is notidentical to the instant first identification information or identifiesthat the time of the time module is not between the access permissionstart time and the access permission end time, the control module setsthe control device to be in the locked state.
 3. The control system asclaimed in claim 1, with each of the plurality of user mobile deviceshaving a first hardware identification number, with the first hardwareidentification numbers of the plurality of user mobile devices differentfrom each other, with the first wireless transmission module of any oneof the plurality of user mobile devices in connection with the secondwireless transmission module, the manager mobile device is permitted toobtain the first hardware identification number and the initial firstidentification information of the connected user mobile device, themanagement server executes the authentication procedure to generate anauthenticated first hardware identification number and authenticatedinitial first identification information based on the first hardwareidentification number and the initial first identification information,and the encoding key is used to encode the authenticated first hardwareidentification number and the authenticated initial first identificationinformation as the first encoded information, with none of the firstwireless transmission modules of the plurality of user mobile devices incommunication with the second wireless transmission module, the managermobile device is not permitted to obtain the initial firstidentification information and the first hardware identification numberof each of the plurality of user mobile devices, with the first wirelesstransmission module of any one of the plurality of user mobile devicesin communication with the wireless transmission device, the controlmodule is permitted to obtain an instant first hardware identificationnumber of the connected user mobile device, with none of the firstwireless transmission modules of the plurality of user mobile devices incommunication with the wireless transmission device, the control moduleis not permitted to obtain the instant first hardware identificationnumber of each of the plurality of user mobile devices, wherein when thecontrol module identifies that the authenticated initial firstidentification information of the connected user mobile device isidentical to the instant first identification information and identifiesthat the authenticated first hardware identification number of theconnected user mobile device is identical to the instant first hardwareidentification number, the control module sets the control device to bein the open state, and wherein when the control module identifies thatthe authenticated initial first identification information of theconnected user mobile device is not identical to the instant firstidentification information or identifies that the authenticated firsthardware identification number of the connected user mobile device isnot identical to the instant first hardware identification number, thecontrol module sets the control device to be in the locked state.
 4. Thecontrol system as claimed in claim 1, with the manager mobile deviceincluding a second hardware identification number, with the managermobile device further including a second input device electricallyconnected to the second processor, with the manager mobile deviceexecuting the management program for a first time, a manager using themanager mobile device is requested to use the second input device toinput an initial second hardware identification number, the managementserver executes an authentication procedure to generate authenticatedinitial second identification information and an authenticated secondhardware identification number based on the initial secondidentification information and the second hardware identificationnumber, the management server uses the decoding key to encode theauthenticated initial second identification information and theauthenticated second hardware identification number as second encodedinformation, and the second encoded information is stored in themanagement server, with the second wireless transmission module of themanager mobile device in connection with the management server, themanagement server is permitted to transmit the second encodedinformation to the manager mobile device and to temporarily store thesecond encoded information in the manager mobile device, with the secondwireless transmission module of the manager mobile device not inconnection with the management server, the management server is notpermitted to transmit the second encoded information to the managermobile device, wherein every time the second wireless transmissionmodule of the manager mobile device is connected to the wirelesstransmission device of the controller and the management server, themanager program of the manager mobile device requests a holder of themanager mobile device to use the second input device to input an instantsecond identification information and picks up an instant secondhardware identification number of the connected manager mobile device,and the controller is permitted to obtain the second encodedinformation, the instant second hardware identification number, and theinstant second identification information, wherein after the controllerhas obtained the second encoded information, the second hardwareidentification number, and the second identification information of themanager mobile device, the decoding key is used to decode the secondencoded information to obtain the authenticated second hardwareidentification number and the authenticated initial secondidentification information contained in the second encoded information,wherein after the controller has obtained the second encoded informationof the manager mobile device, the second encoded information is deletedfrom the manager mobile device, wherein when the control moduleidentifies that the authenticated second hardware identification numberof the manager mobile device is identical to the instant second hardwareidentification number and identifies that the authenticated initialsecond identification information is identical to the instant secondidentification information of the manager mobile device, the controlmodule sets the control device to be in the open state, and wherein whenthe control module identifies that the authenticated second hardwareidentification number of the manager mobile device is not identical tothe instant second hardware identification number or identifies that theauthenticated initial second identification information is not identicalto the instant second identification information of the manager mobiledevice, the control module sets the control device to be in the lockedstate.
 5. The control system as claimed in claim 4, wherein each firstinput device is an image pick-up device, the holder of a respective oneof the plurality of user mobile devices is requested to use the firstinput device to pick up a facial image of the holder of the respectiveone of the plurality of user mobile devices, and characteristics of thefacial image of the holder of the respective one of the plurality ofuser mobile devices are encoded to be used as the initial firstidentification information or the instant first identificationinformation, and wherein the second input device is an image pick-updevice, the holder of the manager mobile device is requested to use thesecond input device to pick up a facial image of the holder of themanager mobile device, and characteristics of the facial image of theholder of the manager mobile device are encoded to be used as theinitial second identification information or the instant secondidentification information.
 6. The control system as claimed in claim 4,wherein each first input device is a microphone, the holder of arespective one of the plurality of user mobile devices is requested touse the first input device to pick up a voice of the holder of therespective one of the plurality of user mobile devices, and the voice ofthe holder of the respective one of the plurality of user mobile devicesis edited as a vocal print which is used as the initial firstidentification information or the instant first identificationinformation, and wherein the second input device is a microphone, theholder of the manager mobile device is requested to use the second inputdevice to pick up a voice of the holder of the manager mobile device,and the voice of the holder of the manager mobile device is edited as avocal print which is used as the initial second identificationinformation or the instant second identification information.
 7. Thecontrol system as claimed in claim 4, wherein each first input device isa fingerprint input device, the holder of a respective one of theplurality of user mobile devices is requested to use the first inputdevice to pick up a fingerprint of the holder of the respective one ofthe plurality of user mobile devices, and characteristics of thefingerprint are encoded to be used as the initial first identificationinformation or the instant first identification information, and thesecond input device is a fingerprint input device, the holder of themanager mobile device is requested to use the second input device topick up a fingerprint of the holder of the manager mobile device, andcharacteristics of the fingerprint are encoded to be used as the initialsecond identification information or the instant second identificationinformation.
 8. The control system as claimed in claim 4, each firstinput device is a finger vein recognition device, the holder of arespective one of the plurality of user mobile devices is requested touse the first input device to pick up a finger vein image of the holderof the respective one of the plurality of user mobile devices, andcharacteristics of the finger vein image of the holder of the respectiveone of the plurality of user mobile devices are encoded to be used asthe initial first identification information or the instant firstidentification information, and the second input device is a finger veinrecognition device, the holder of the manager mobile device is requestedto use the second input device to pick up a finger vein image of theholder of the manager mobile device, and characteristics of the fingervein image of the holder of the manager mobile device are encoded to beused as the initial second identification information or the instantsecond identification information.
 9. The control system as claimed inclaim 4, wherein each first input device is an iris recognition device,the holder of a respective one of the plurality of user mobile devicesis requested to use the first input device to pick up the iris image ofthe holder of the respective one of the plurality of user mobiledevices, and characteristics of the iris image of the holder of therespective one of the plurality of user mobile devices are encoded to beused as the initial first identification information or the instantfirst identification information, and wherein the second input device isan iris recognition device, the holder of the manager mobile device isrequested to use the second input device to pick up the iris image ofthe holder of the manager mobile device, and characteristics of the irisimage of the holder of the manager mobile device are encoded to be usedas the initial second identification information or the instant secondidentification information.
 10. The control system as claimed in claim4, wherein each first input device includes a touch screen, the holderof the user mobile device is requested to use the touch screen of thefirst input device to input a pin number or a specific FIGURE of theholder of the user mobile device, and the pin number or the specificFIGURE of the holder of the user mobile device is used as the initialfirst identification information or the instant first identificationinformation, wherein the second input device is a touch screen, theholder of the manager mobile device is requested to use the touch screenof the second input device to input a pin number or a specific FIGURE ofthe holder of the manager mobile device, and the pin number or thespecific FIGURE of the holder of the manager mobile device is used asthe initial second identification information or the instant secondidentification information.
 11. The control system as claimed in claim1, wherein the control device is a door lock adapted to be mounted to adoor, with the door lock including: a locking mechanism electricallyconnected to the control module, with the control module controllable tobe in a locking state or an unlocking state; and a latch operablyconnected to the locking mechanism, with the latch movable between alatching position and an unlatching position, wherein when the controlmodule identifies that the authenticated initial first identificationinformation of the connected user mobile device is identical to theinstant first identification information, the control module controlsthe locking mechanism to be in the unlocking state permitting the latchto move from the latching position to the unlatching position, and thedoor lock is in an open state, and wherein when the control moduleidentifies that the authenticated initial first identificationinformation of the connected user mobile device is not identical to theinstant first identification information, the control module controlsthe locking mechanism to be in the locking state not permitting thelatch to move from the latching position to the unlatching position, andthe door lock is in a locked state.